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Amendments to the Claims; 

This listing of claims will replace all prior versions, and listings of claims in the application: 
Listing of Claims: 

1 1 . (Currently Amended) A method for authenticating an electronic payment 

2 comprising: 

3 receiving from a seller an electronic sales draft including an electronic signature^ 

4 said electronic sales draft being digitally signed using a private key associated with a piiblic key ; 

5 receiving from said seller a digital certificate associated with a buyer, said digital 

6 certificate including a first verification key and an encrypted version of a personal identification 

7 number (PIN) , said digital certificate including a binding between at least a portion of said 

8 financial account datum and said public key using a second verification key associated with a 

9 trusted party performing said binding ; 

1 0 using said first verification key to verify that said electronic signature was 

1 1 authorized by said buyer; 

12 extracting said encrypted version of said PIN from said digital certificate; 

1 3 decrypting said encrypted version of said PI N using said second verification key 

14 or a key associated with said second verification key, thereby verifying said first verification key 

15 was bound using said second verification key by said trusted party that performed said binding ; 

16 generating, using said PIN, an authorization request; sending said authorization 

17 request to a financial institution; receiving an approval of said authorization request from said 

1 8 financial institution; and sending said approval to said seller. 

1 2. (Currently Amended) A method for authorizing an electronic purchase in a 

2 networked computer environment, comprising the steps of: 

3 (a) receiving, from a merchant, a transaction authorization request including a 

4 digital certificate passed through said merchant from a user involved in said transaction? and a 
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transaction order that was di gitally signed by said user using a private key associated with a 
public key, 

(i) said digital certificate including a financial account datum 
associated with said user as well as a- said p ublic key of said user, 

(ii) said digital certificate also including a binding between at least a 



1 0 portion of said financial account datum and said public key of said 

use r using a cryptographic verification key associated with a 
trusted party performing said binding ; 
(b) verifying said binding using a -said cryptographic verification key or a key 
associated with said cryptographic verification key a s sociated with a trust e d party p e rforming 
said bindin g , thereby verifying said public key was bound using said cryptographic verification 
key by said trusted party that performed said binding ; and 



(c) using said financial account datum to authorize a- said transaction order 
digitally signed by said user with a- said p rivate key corresponding to said public key. 



1 3. (Previously Presented) The method of claim 2 where said digital 

2 certificate constitutes said binding. 

1 4. (Previously Presented) The method of claim 2 where said binding is 

2 embedded in said digital certificate. 

1 5. (Previously Presented) The method of claim 2 where said financial 

2 account datum includes a credit card number. 

1 6. (Previously Presented) The method of claim 2 where said financial 

2 account datum includes a debit card number. 

1 7. (Previously Presented) The method of claim 2 where said financial 

2 account datum includes a PIN. 
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1 8. (Previously Presented) The method of claim 2 where said financial 

2 -account datum includes a card verification value 2. 

1 9. (Previously Presented) The method of claim 2 where said financial 

2 account datum includes checking account information. 

1 1 0. (Previously Presented) The method of claim 2 where said binding is 

2 performed with a symmetric key shared between said trusted party and a party performing said 

3 verification step. 



1 
2 
3 



1 1 . (Currently Amended) The method of claim 2 wherein said key associated 
with said second verification key comprises an asymmetric key, where said binding is performed 
with an- said asymmetric ke y corresponding to said cryptographic verification key . 



1 12. (Previously Presented) The method of claim 2 where said binding is 

2 performed by an issuer of said digital certificate. 

1 13. (Previously Presented) The method of claim 2 where said binding is 

2 performed by an issuer of said financial accounting datum. 

1 14. (Previously Presented) The method of claim 2 where said digital 

2 certificate is protected with an access code known to said user. 

1 15. (Currently Amended) A method for providing electronic payment 

2 capabilities to a user in a networked computer environment, comprising the steps of: 

3 (a) obtaining a financial account datum associated with said user; 

4 (b) obtaining a public key associated with said user; 

5 (c) obtaining a cryptographically assured binding of said public key to at least 

6 a portion of said financial account datum using a cryptographic verification key associated with a 

7 trusted party performing said binding . 
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(i) said financial account datum, said public key, and said binding 



10 



9 



being included in a digital certificate for said user, 
(ii) said digital certificate being usable by said user to conduct an 



12 



11 



(d) 



electronic transaction involving said financial account datum; and 
transmitting said digital certificate to said user, enabling said user to 



13 conduct said electronic transaction involving (i) a merchant, and (ii) a transaction processor 

14 capable of verifying said binding using a -said cryptographic verification key or a key associated 

15 with said cryptographic verification key associat e d with a trust e d party p e rforming said binding , 

16 thereby verifying said public key was bound using said cryptographic verification key by said 

17 trusted party that performed said binding . 

1 16. (Previously Presented) The method of claim 1 5 where said digital 

2 certificate constitutes said binding. 

1 17. (Previously Presented) The method of claim 1 5 where said binding is 

2 embedded in said digital certificate. 

1 18. (Previously Presented) The method of claim 1 5 where said financial 

2 account datum includes a credit card number. 

1 19. (Previously Presented) The method of claim 15 where said financial 

2 account datum includes a debit card number. 

1 20. (Previously Presented) The method of claim 15 where said financial 

2 account datum includes a PIN. 

1 21. (Previously Presented) The method of claim 1 5 where said financial 

2 account datum includes a card verification value 2. 

1 22. (Previously Presented) The method of claim 1 5 where said financial 

2 account datum includes checking account information. 
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1 23. (Previously Presented) The method of claim 1 5 where said binding is 

2 performed with a symmetric key shared between said trusted party and said transaction 

3 processor. 



1 

2 
3 



24. (Currently Amended) The method of claim 15 wherein said key associated 
with said second verification key comprises an asymmetric key, where said binding is performed 
with aft- said asymmetric ke y corr e sponding to said cryptographic verification k e y . 



1 25. (Previously Presented) The method of claim 1 5 where said binding is 

2 performed by an issuer of said digital certificate. 

1 26. (Previously Presented) The method of claim 1 5 where said binding is 

2 performed by an issuer of said financial account information. 

1 27. (Previously Presented) The method of claim 1 5 further comprising the 

2 step, after step (a), of verifying said financial account datum. 

1 28. (Previously Presented) The method of claim 1 5 where said digital 

2 certificate is protected with an access code known to said user, 

1 29. (Previously Presented) The method of claim 15 where said digital 

2 certificate is stored at a credential server accessible to said user. 

1 30. (Currently Amended) An apparatus for authorizing an electronic purchase 

2 in a networked computer environment, comprising: 

3 (a) a computer processor; 

4 (b) a memory connected to said processor storing a program to control the 

5 operation of said processor; 

6 (c) the processor operable with said program in said memory to: 

7 (i) receive, from a merchant, a transaction authorization request, said 

8 request including a digital certificate passed through said merchant 
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from a user involved in said transactio n and a transaction order that 
was digitally signed by said user using a private key associated 
with a public key , 

(1) said digital certificate including a financial account datum 
associated with said user as well as a -said p ublic key of said 
user, 

(2) said digital certificate also including a binding between at 
least a portion of said financial account datum and a public 
key of said use r using a cryptographic verification key 
associated with a trusted party performing said binding ; 

(ii) verify said binding using a- said cryptographic verification key or a 
key associated with said cryptographic verification ke y associated 
with a trusted party p e rforming said bindin g , thereby verifying said 
public key was bound using said cryptographic verification key by 
said trusted party that performed said binding ; and 

(iii) use said financial account datum to authorize a transaction order 
digitally signed by said user with a rsaid p rivate key corresponding 
to said public key. 



1 31. (Previously Presented) The apparatus of claim 30 where said financial 

2 account datum includes a PIN. 

1 32. (Previously Presented) The apparatus of claim 30 where said financial 

2 account datum includes a card verification value 2. 

1 33. (Previously Presented) The apparatus of claim 30 where said binding is 

2 performed with an asymmetric key corresponding to said cryptographic verification key. 

1 34. (Currently Amended) An apparatus for providing electronic payment 

2 capabilities to a user in a networked computer environment, comprising: 
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3 (a) a processor; 

4 (b) a memory connected to said processor storing a program to control the 

5 operation of said processor; 

6 (c) the processor operable with said program in said memory to: 

7 (i) obtain a financial account datum regarding said user, 

8 (ii) obtain a public key associated with said user, 

9 (iii) obtain a cryptographically assured binding of said public key to at 

10 least a portion of said financial account datu m using a 

11 cryptographic verification key associated with a trusted party 

12 performin g said binding: , 

13 (1) said financial account datum, said public key, and said 

14 binding being included in a digital certificate for said user, 

15 (2) said digital certificate being usable by said user to conduct 

16 an electronic transaction involving said financial account 

17 datum, and 

1 8 (iv) transmit said digital certificate to said user, enabling said user to 

19 conduct said electronic transaction involving (1) a merchant, and 

20 (2) a transaction processor capable of verifying said binding using 

2 1 a- said cryptographic verification key or a key associated with said 

22 cryptographic veri fication ke y associat e d with a trust e d party 

23 p e rforming said bindin g , thereby verifying said public key was 

24 bound using said cryptographic verification key by said trusted 

25 party that performed said binding . 

1 35. (Previously Presented) The apparatus of claim 34 where said financial 

2 account datum includes a PIN. 

1 36. (Previously Presented) The apparatus of claim 34 where said financial 

2 account datum includes a card verification value 2. 



Page 8 of 15 



Appl. No. 09/437,065 

Amdt dated April 21, 2003 

Reply to Office Action of October 24, 2003 



PATENT 



1 37. (Previously Presented) The apparatus of claim 34 where said binding is 

2 performed with an asymmetric key corresponding to said cryptographic verification key. 

1 38. (Currently Amended) A computer-readable storage medium encoded with 

2 processing instructions for implementing a method for authorizing an electronic purchase in a 

3 networked computer environment, said processing instructions for directing a computer to 

4 perform the steps of 

5 (a) receiving, from a merchant, a transaction authorization request, said 

6 request including a digital certificate passed through said merchant from a user involved in said 

7 transactio n and a transaction order that was digitally signed by said user using a private key 

8 associated with a public key , 

9 (i) said digital certificate including a financial account datum 

10 associated with said user as well as a public key of said user, 

1 1 (ii) said digital certificate also including a binding between at least a 

12 portion of said financial account datum and a public key of said 

13 use r using a cryptographic verification key associated with a 

14 trusted party performing said binding ; 

1 5 (b) verifying said binding using a cryptographic verification key or a key 

16 associated with said cryptographic verification key, thereby verifying said public key was bound 

17 using said cryptographic verification key by said trusted party that performed said 

18 binding asGociated with a trusted party perforating said binding ; and 

19 (c) using said financial account datum to authorize a- said transaction order 

20 digitally signed by said user with a rsaid p rivate key corresponding to said public key. 

1 39. (Previously Presented) The computer-readable medium of claim 38 where 

2 said financial account datum includes a PIN. 

1 40. (Previously Presented) The computer-readable medium of claim 38 where 

2 said financial account datum includes a card verification value 2. 
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1 41 . (Previously Presented) The computer-readable medium of claim 38 where 

2 said binding is performed with an asymmetric key corresponding to said cryptographic 

3 verification key. 

1 42. (Currently Amended) A computer-readable storage medium encoded with 

2 processing instructions for implementing a method for providing electronic payment capabilities 

3 to a user in a networked computer environment, said processing instructions for directing a 

4 computer to perform the steps of: 

5 (a) obtaining a financial account datum regarding said user; 

6 (b) obtaining a public key associated with said user; 

7 (c) obtaining a cryptographically assured binding of said public key to at least 

8 a portion of said financial account datum using a cryptographic verification key associated with a 

9 trusted party performing said binding , 

10 (i) said financial account datum, said public key, and said binding 

1 1 being included in a digital certificate for said user, 

12 (ii) said digital certificate being usable by said user to conduct an 

13 electronic transaction involving said financial account datum; and 

14 (d) transmitting said digital certificate to said user, enabling said user to 

15 conduct said electronic transaction involving (i) a merchant, and (ii) a transaction processor 



1 6 capable of verifying said binding using a- said cryptographic verification key or a key associated 

17 with said cryptographic verification key, thereby verifying said public key was bound using said 

18 cryptographic verification key by said trusted party that performed said binding associated with a 

19 t ruste d p arty performing said binding . 

1 43. (Previously Presented) The computer-readable medium of claim 42 where 

2 said financial account datum includes a PIN. 

1 44. (Previously Presented) The computer-readable medium of claim 42 where 

2 said financial account datum includes a card verification value 2. 
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1 45. (Previously Presented) The computer-readable medium of claim 42 where 

2 said binding is performed with an asymmetric key corresponding to said cryptographic 

3 verification key. 

1 46. (Currently Amended) A digital certificate for use in an electronic payment 

2 transaction in a networked computer environment, comprising: 

3 (a) a financial account datum associated with a user as well as a public key 

4 associated with said user; 

5 (b) a cryptographically assured binding of said public key associated with said 

6 user to at least a portion of said financial account datum, said binding having been generated 

7 with a -cryptographic verification key associated with a trusted party performing said binding; 

8 (c) said digital certificate configured for use by a transaction processor to: 

9 (i) verify said binding using a-said cryptographic verification key or a 

1 0 key associated with said cryptographic verification key, thereby 

11 verifying said public key was bound using said cryptographic 

12 verification key by said trusted party that performed said 

13 binding a s sociated with said trusted party , and 

14 (ii) access said financial account datum to authorize a transaction order 

1 5 digitally signed with said user's private key corresponding to said 

16 public key. 

1 47. (Previously Presented) The digital certificate of claim 46 where said 

2 digital certificate constitutes said binding. 

1 48. (Previously Presented) The digital certificate of claim 46 where said 

2 binding is embedded in said digital certificate. 

1 49. (Previously Presented) The digital certificate of claim 46 where said 

2 financial account datum includes a credit card number. 
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1 50. (Previously Presented) The digital certificate of claim 46 where said 

2 financial account datum includes a debit card number. 

1 51. (Previously Presented) The digital certificate of claim 46 where said 

2 financial account datum includes a PIN. 

1 52. (Previously Presented) The digital certificate of claim 46 where said 

2 financial account datum includes a card verification value 2. 

1 53. (Previously Presented) The digital certificate of claim 46 where said 

2 financial account datum includes checking account information. 

1 54. (Previously Presented) The digital certificate of claim 46 where said 

2 binding is performed with a symmetric key shared between said trusted party and said 

3 transaction processor. 



1 

2 
3 



5 5 . (Currently Amended) The digital certificate of claim 46 wherein said key 
associated with said second verification key comprises an asymmetric key, where said binding is 
performed with aa -said asymmetric ke y corr e sponding to said cryptographic v e rification key . 



1 56. (Previously Presented) The digital certificate of claim 46 where said 

2 binding is performed by an issuer of said digital certificate. 

1 57. (Previously Presented) The digital certificate of claim 46 where said 

2 binding is performed by an issuer of said financial account datum. 

1 58. (Previously Presented) The digital certificate of claim 46 where said 

2 digital certificate is protected with an access code known to said user. 

1 59. (Previously Presented) The method of claim 2 where at least a portion of 

2 said financial account datum is kept confidential from said merchant. 
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1 60. (Previously Presented) The method of claim 15 where at least a portion of 

2 said financial account datum is kept confidential from said merchant. 

1 61 . (Previously Presented) The method of claim 30 where at least a portion of 

2 said financial account datum is kept confidential from said merchant. 

1 62. (Previously Presented) The method of claim 34 where at least a portion of 

2 said financial account datum is kept confidential from said merchant. 

1 63. (Previously Presented) The method of claim 38 where at least a portion of 

2 said financial account datum is kept confidential from said merchant. 

* 

1 64. (Previously Presented) The method of claim 42 where at least a portion of 

2 said financial account datum is kept confidential from said merchant. 

1 65. (Previously Presented) The method of claim 46 where at least a portion of 

2 said financial account datum is kept confidential from said merchant. 
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